CVE-2025-13209

A weakness has been identified in bestfeng oagitfree up to 9.5. This affects the function updateWriteBack of the file yimioa-oa9.5\server\c-flow\src\main\java\com\cloudweb\oa\controller\WorkflowPredefineController.java. This manipulation of the argument writeProp causes xml external entity...

CVE-2025-13209

CVE-2025-13209 affects bestfeng oa_git_free up to version 9.5. The vulnerability lies in the updateWriteBack function (file yimioa-oa9.5/server/c-flow/src/main/java/com/cloudweb/oa/controller/WorkflowPredefineController.java), where manipulation of the writeProp argument can trigger an XML Extern...

CVE-2025-13209 bestfeng oa_git_free WorkflowPredefineController.java updateWriteBack xml external entity reference

A weakness has been identified in bestfeng oagitfree up to 9.5. This affects the function updateWriteBack of the file yimioa-oa9.5\server\c-flow\src\main\java\com\cloudweb\oa\controller\WorkflowPredefineController.java. This manipulation of the argument writeProp causes xml external entity...

PT-2025-47061

Name of the Vulnerable Software and Affected Versions bestfeng oa git free versions up to 9.5 Description A flaw exists in bestfeng oa git free up to version 9.5. The issue is related to the manipulation of the writeProp argument within the updateWriteBack function located in the file...